[SR-Users] sip over tls is not working

Daniel-Constantin Mierla miconda at gmail.com
Mon Jul 9 18:24:05 CEST 2012 

Hello,

also, can you provide more details about the case? Is it with the very 
first connection or you do some load testing and at some point you get 
this issue?

Can you reproduce it always? Do you set different number of workers per 
socket? What is the output of 'kamctl ps'?

Have you tried with 3.3 branch as well or just master branch?

Cheers,
Daniel

On 7/9/12 3:04 PM, Klaus Darilion wrote:
> Use wireshark to analyze the TLS handshake
>
> regards
> klaus
>
> On 09.07.2012 13:27, Aft nix wrote:
>> Hi,
>>
>> I have enabled tls parameters as follows:
>>
>> in kamailio.cfg
>>
>> listen = tls:<IP>:<PORT>
>>
>> in tls.cfg
>>
>> [server:<IP>:<PORT>]
>> method = TLSv1
>> verify_certificate = no
>> require_certificate = no
>> private_key = /usr/local/etc/kamailio/kamailio-selfsigned.key
>> certificate = /usr/local/etc/kamailio/kamailio-selfsigned.pem
>>
>> Now if i try to connect to this interface using openssl s_client, it
>> does connects,
>> but now server certificate is sent from kamailio.
>>
>> kamailio log shows this :
>>
>>    <core> [ip_addr.c:247]: tcpconn_new: new tcp connection: <CLIENT IP>
>>    <core> [tcp_main.c:1089]: tcpconn_new: on port 40727, type 3
>>    <core> [tcp_main.c:1400]: tcpconn_add: hashes: 2614:2652:2494, 2
>>    <core> [io_wait.h:390]: DBG: io_watch_add(0x82535e0, 23, 2,
>> 0xb5701580), fd_no=11
>>    <core> [io_wait.h:617]: DBG: io_watch_del (0x82535e0, 23, -1, 0x0)
>> fd_no=12 called
>>    <core> [tcp_main.c:4296]: tcp: DBG: sending to child, events 1
>>    <core> [tcp_main.c:3963]: WARNING: send2child: no free tcp receiver,
>>   connection passed to the least busy one (3289651)
>>    <core> [tcp_main.c:3967]: selected tcp worker 0 0(8) for activity on
>> [tls:<IP>:<PORT>], 0xb5701580
>>    <core> [tcp_main.c:3576]: BUG: handle_ser_child: fd -1 for 0 (pid 
>> 2491)
>>
>> I'm using kamailio from git. its updated to the latest.
>> Thanks in advance.
>>
>
>
> _______________________________________________
> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
> sr-users at lists.sip-router.org
> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users

-- 
Daniel-Constantin Mierla - http://www.asipto.com
http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda
Kamailio Advanced Training, Seattle, USA, Sep 23-26, 2012 - http://asipto.com/u/katu
Kamailio Practical Workshop, Netherlands, Sep 10-12, 2012 - http://asipto.com/u/kpw

More information about the sr-users mailing list